Use signature scanning
I think they're called 'static memory addresses'. They're the addresses that don't change.
Anyway, I'm making a hack for a game and I located the dynamic memory addresses (I think they're called) which change everytime the application is reopened. How can I find the address that doesn't change?
I don't want to have to continously search for the memory addresses and add them in again. Because then there is no point of the program, I may as well just use CE or some other memory editor.
Thank you.
Use signature scanning
You shure can use "CE or some other memory editor"
Or B write a code that looks for changed m.adress at some specific place every time when game is restarted.. now the next question will be can you post some basic source, no im not so advanced.. but i'm browsing this forum and i think you could do it too here are many good articles what you could use/learn from..
btw whats your game ?
I'm making this hack for a game called "Sniper: Ghost Warrior" I can give you the full source, there is no need to hide it. It's nothing fancy.
Full source:
I labeled it so people can learn from it ^.^Code:// My first game hack. This is for "Sniper: Ghost Warrior" #include "stdafx.h" #include <iostream> #include <Windows.h> using namespace std; int main () { HWND hWnd = FindWindow(0, L"Sniper: Ghost Warrior"); // Finds the window titled "Sniper: Ghost Warrior". if (hWnd == 0) // If it can't find the window, then: { cout << "Can't find window, dopey noonga!" << endl; } else { DWORD pr0c3zz; GetWindowThreadProcessId(hWnd, &pr0c3zz); // Locates the process through the window. HANDLE trollpr0c3zz = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pr0c3zz); // Gives access to process. if (!trollpr0c3zz) // If it can't access the process, then: { cout << "I can nawtz open pr0c3zz :(." << endl; } else { int ammoAmount = 10; // Amount of bullets in current round. int roundsAmount = 60; // Amount of rounds left. int ammoAddr = 0x29500340; // Ammunition memory address. int roundsAddr = 0x296E629C; // Rounds memory address. cout << "Unlimited ammo - F1" << endl; bool AmmoHax = false; while(1) // Loops so the memory keeps rewriting itself if it's changed. { if (GetAsyncKeyState(VK_F1)) // If the "F1" hotkey is pressed then it will write the new data to the memory address. AmmoHax = !AmmoHax; if (AmmoHax) WriteProcessMemory(trollpr0c3zz, (LPVOID)ammoAddr, &ammoAmount, sizeof(ammoAmount), NULL); // Modifies the ammunition's memory value to 10. WriteProcessMemory(trollpr0c3zz, (LPVOID)roundsAddr, &roundsAmount, sizeof(roundsAmount), NULL); // Modifies the rounds' memory value to 60. } // End of loop. } CloseHandle(trollpr0c3zz); // Removes access to the process when it is not needed. } system("pause"); return 0; }
059 (10-06-2015)
Two words for you: Cheat Engine.
Just make Cheat Engine tutorial man.
The mutiple-level pointers and you will know how to get static address.
Just simple pointers .
*Note*
int ammoAddr = 0x29500340; // Ammunition memory address.
int roundsAddr = 0x296E629C; // Rounds memory address.
I think you should use DWORD or long long int for address. int is 32767 max if Im not wrong
and 296E629C is 695100060 in DEC.
Whathever its just a note.
Well, I tried the CE tutorial. That's why I posted here all confused :P.
I might have missed something in the tutorial, I'll give it another shot. Thanks.
Okay, I tested on Minesweeper and I think I found the base address of the number of mines left.
Picture:
Only problem is...that green address changes everytime I reopen the program :S. I thought it was suppose to stay the same?
Last time it was "FF4DAA38". Now it's "FF7AAA38".
Any help would be appreciated, thanks.
Last edited by Phizo; 09-25-2011 at 10:08 PM.
Most of the time you won't get CEs nice "green" value, but that doesn't mean there isn't a way to calculate precisely where the address will be. Most of your addresses are relative to the imagebase, which isn't necessarily constant which is why CE doesn't show those addresses as "static", although it's easy to find the imagebase of a module and then just add on the offsets.
https://www.mpgh.net/forum/31-c-c-pro...ng-memory.html
This thread was an example of offsetting from the imagebase to find the real address of the values.
FYI unlimited ammo is rarely as easy as changing a single address, usually each gun will have its own ammo counter so you have to modify all of them
You can win the rat race,Originally Posted by Jeremy S. Anderson
But you're still nothing but a fucking RAT.
++Latest Projects++
[Open Source] Injection Library
Simple PE Cipher
FilthyHooker - Simple Hooking Class
CLR Injector - Inject .NET dlls with ease
Simple Injection - An in-depth look
MPGH's .NET SDK
eJect - Simple Injector
Basic PE Explorer (BETA)
Donate:
BTC: 1GEny3y5tsYfw8E8A45upK6PKVAEcUDNv9
Handy Tools/Hacks:
Extreme Injector v3.7.3
A powerful and advanced injector in a simple GUI.
Can scramble DLLs on injection making them harder to detect and even make detected hacks work again!
Minion Since: 13th January 2011
Moderator Since: 6th May 2011
Global Moderator Since: 29th April 2012
Super User/Unknown Since: 23rd July 2013
'Game Hacking' Team Since: 30th July 2013
--My Art--
[Roxas - Pixel Art, WIP]
[Natsu - Drawn]
[Natsu - Coloured]
All drawings are coloured using Photoshop.
--Gifts--
[Kyle]
Well, is there a way I can make my program search for the dynamic address and then edit it? Or would that be too much work?
So much is wrong with this dude.
In the majority of architectures today, an int is a 32-bit signed integer, with range from -2147483647 to +2147483647.
296E629C is NOT DEC, it's a hexadecimal numeric notation.
long long ints are 8 bytes and produce unnecessary wastage as you're not likely to get an address outside the range of a DWORD (unsigned 32-bit integer, with max value of 2^32)
Yeah.
You can win the rat race,Originally Posted by Jeremy S. Anderson
But you're still nothing but a fucking RAT.
++Latest Projects++
[Open Source] Injection Library
Simple PE Cipher
FilthyHooker - Simple Hooking Class
CLR Injector - Inject .NET dlls with ease
Simple Injection - An in-depth look
MPGH's .NET SDK
eJect - Simple Injector
Basic PE Explorer (BETA)
t7ancients (09-26-2011)